Get IP address information using Netstat on Linux
How to get IP address information using netcat and some other useful tips.
user1@cloudshell:~$ netstat | awk '/tcp6/ { print $5 }' 74.125.41.158:36146 173.194.93.92:48039 |
user1@cloudshell:~$ netstat | awk '/tcp6/ { print $5" - "$6,$4 }' 74.125.41.158:36146 - ESTABLISHED cs-499203476661-def:922 173.194.93.92:48039 - ESTABLISHED cs-499203476661-def:922 |
To get a list of all MAC addresses on your computer, use this one-liner.
┌──(john㉿DESKTOP-PF01IEE)-[~] └─$ ip a | awk '/link\// { if ($2 != "0.0.0.0" && $2 != "00:00:00:00:00:00") print $2 }' 36:56:ea:19:7e:eb 36:6e:5f:9d:8c:b8 00:15:5d:35:12:df |
This lists all the MAC addresses of network adapters on the system.
To send a custom TCP ping packet to a remote machine, use this one-liner, which is using nping and sends a ping packet with a custom text payload.
┌──(john㉿DESKTOP-PF01IEE)-[~] └─$ sudo nping -c 1 --data-string "Hello World" --tcp -p 80,443 google.com Starting Nping 0.7.92 ( https://nmap.org/nping ) at 2022-01-04 11:41 AEDT SENT (0.1173s) TCP 172.26.32.86:27367 > 142.250.66.206:80 S ttl=64 id=64310 iplen=51 seq=4083521514 win=1480 RCVD (0.1349s) TCP 142.250.66.206:80 > 172.26.32.86:27367 SA ttl=122 id=37478 iplen=44 seq=2843008592 win=65535 <mss 1412> SENT (1.1180s) TCP 172.26.32.86:27367 > 142.250.66.206:443 S ttl=64 id=64310 iplen=51 seq=4083521514 win=1480 RCVD (1.1332s) TCP 142.250.66.206:443 > 172.26.32.86:27367 SA ttl=121 id=37565 iplen=44 seq=378663080 win=65535 <mss 1412> Max rtt: 17.549ms | Min rtt: 15.134ms | Avg rtt: 16.341ms Raw packets sent: 2 (102B) | Rcvd: 2 (88B) | Lost: 0 (0.00%) Nping done: 1 IP address pinged in 1.21 seconds |
Another example, this is sending a longer text payload,
┌──(john㉿DESKTOP-PF01IEE)-[~] └─$ sudo nping -c 1 --data-string "Hello World. This is a custom ICMP packet." --tcp -p 80,443 yahoo.com Starting Nping 0.7.92 ( https://nmap.org/nping ) at 2022-01-04 11:44 AEDT SENT (0.1172s) TCP 172.26.32.86:1775 > 74.6.143.26:80 S ttl=64 id=56313 iplen=82 seq=2202160277 win=1480 RCVD (0.3548s) TCP 74.6.143.26:80 > 172.26.32.86:1775 SA ttl=42 id=0 iplen=44 seq=1944844627 win=29200 <mss 1412> SENT (1.1173s) TCP 172.26.32.86:1775 > 74.6.143.26:443 S ttl=64 id=56313 iplen=82 seq=2202160277 win=1480 RCVD (1.3543s) TCP 74.6.143.26:443 > 172.26.32.86:1775 SA ttl=44 id=0 iplen=44 seq=1377209954 win=29200 <mss 1412> Max rtt: 237.614ms | Min rtt: 237.028ms | Avg rtt: 237.321ms Raw packets sent: 2 (164B) | Rcvd: 2 (88B) | Lost: 0 (0.00%) Nping done: 1 IP address pinged in 1.43 seconds |
This works very well, this could be used to send text messages over the Internet if you had a special listener to pick up the messages and then show them. Wireshark can be used to do this, if you filter ICMP packets and then scroll through them you can see the text in the packet details view. Just type ‘icmp’ in the filter field to filter ICMP packets. This is a very neat trick. I wonder if you could fit small packets of data inside an ICMP packet and then decode it later, it would not be encrypted, but it could work. An interesting exercise for a coder I think. The packet may only fit a small amount of data, but if a larger packet was broken up into bits and then each segment placed into an ICMP packet and transmitted, you could use a listener to capture each part and then assemble the data at the destination. Or is there another way of doing this? I have heard of someone using text messages from a `phone to send data and reassemble it at the destination. They had unlimited text messages and took advantage of them to send data that way.
Finally, this useful one-liner will print the IPv6 address of your machine.
┌──(john㉿DESKTOP-PF01IEE)-[~] └─$ ip a | awk '/inet6 / { if ($2 != "::1/128") print $2 }' fe80::215:5dff:fe35:12df/64 |